diff options
author | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2018-08-27 12:03:12 +0000 |
---|---|---|
committer | Jose Vargas <jvargas@gitlab.com> | 2018-08-28 16:36:25 -0500 |
commit | 1dea6792cc8b8cc374353e808a86dfb025e3461b (patch) | |
tree | 4f7bdf14e1e0368004e6044bf5924dec9dde95c2 | |
parent | cdc2bc43d4b40d6bb5d3ab9ecbff509634360db6 (diff) | |
download | gitlab-ce-1dea6792cc8b8cc374353e808a86dfb025e3461b.tar.gz |
Update CHANGELOG.md for 11.2.2
[ci skip]
-rw-r--r-- | CHANGELOG.md | 9 | ||||
-rw-r--r-- | changelogs/unreleased/security-fj-missing-csrf-system-hooks-resend.yml | 5 |
2 files changed, 9 insertions, 5 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 256dd913435..b9a2fca9ce5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,15 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 11.2.2 (2018-08-27) + +### Security (3 changes) + +- Fixed persistent XSS rendering/escaping of diff location lines. +- Adding CSRF protection to Hooks resend action. +- Block link-local addresses in URLBlocker. + + ## 11.2.1 (2018-08-22) ### Fixed (2 changes) diff --git a/changelogs/unreleased/security-fj-missing-csrf-system-hooks-resend.yml b/changelogs/unreleased/security-fj-missing-csrf-system-hooks-resend.yml deleted file mode 100644 index 018acb9c5af..00000000000 --- a/changelogs/unreleased/security-fj-missing-csrf-system-hooks-resend.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Adding CSRF protection to Hooks resend action -merge_request: -author: -type: security |